CVSS: 6.8 | EPSS: 0% | CPEs: 2 | EXPL: 0

IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/291026
• https://www.ibm.com/support/pages/node/7166712
• CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVSS: 6.2 | EPSS: 0% | CPEs: 1 | EXPL: 0

IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from trace logs. IBM X-Force ID: 252183.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/252183
• https://www.ibm.com/support/pages/node/7158789
• CWE-532: Insertion of Sensitive Information into Log File

CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

IBM Security Verify Access 10.0.0.0 through 10.0.7.1, under certain configurations, could allow an unauthenticated attacker to cause a denial of service due to asymmetric resource consumption. IBM X-Force ID: 287615.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/287615
• https://www.ibm.com/support/pages/node/7158789
• CWE-703: Improper Check or Handling of Exceptional Conditions

CVSS: 6.2 | EPSS: 0% | CPEs: 1 | EXPL: 0

IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption. IBM X-Force ID: 281607.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/281607
• https://www.ibm.com/support/pages/node/7145400
• CWE-311: Missing Encryption of Sensitive Data

CVSS: 8.2 | EPSS: 0% | CPEs: 1 | EXPL: 0

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a configuration file that could allow remote access. IBM X-Force ID: 266155.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/266155
• https://www.ibm.com/support/pages/node/7106586
• CWE-295: Improper Certificate Validation